Vulnerabilities > Miniorange > Ldap Integration With Active Directory AND Openldap > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-17 | CVE-2023-23749 | Injection vulnerability in Miniorange Ldap Integration With Active Directory and Openldap 5.0.2 The 'LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login' extension is vulnerable to LDAP Injection since is not properly sanitizing the 'username' POST parameter. | 7.5 |